- Issued:
- 2019-10-29
- Updated:
- 2019-10-29
RHSA-2019:3211 - Security Advisory
Synopsis
Critical: chromium-browser security update
Type/Severity
Security Advisory: Critical
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Chromium is an open-source web browser, powered by WebKit (Blink).
This update upgrades Chromium to version 77.0.3865.120.
Security Fix(es):
- chromium-browser: Use-after-free in media (CVE-2019-5870)
- chromium-browser: Heap overflow in Skia (CVE-2019-5871)
- chromium-browser: Use-after-free in Mojo (CVE-2019-5872)
- chromium-browser: External URIs may trigger other browsers (CVE-2019-5874)
- chromium-browser: URL bar spoof via download redirect (CVE-2019-5875)
- chromium-browser: Use-after-free in media (CVE-2019-5876)
- chromium-browser: Out-of-bounds access in V8 (CVE-2019-5877)
- chromium-browser: Use-after-free in V8 (CVE-2019-5878)
- chromium-browser: Use-after-free in offline pages (CVE-2019-13686)
- chromium-browser: Use-after-free in media (CVE-2019-13688)
- chromium-browser: Omnibox spoof (CVE-2019-13691)
- chromium-browser: SOP bypass (CVE-2019-13692)
- chromium-browser: Use-after-free in IndexedDB (CVE-2019-13693)
- chromium-browser: Use-after-free in WebRTC (CVE-2019-13694)
- chromium-browser: Use-after-free in audio (CVE-2019-13695)
- chromium-browser: Use-after-free in V8 (CVE-2019-13696)
- chromium-browser: Cross-origin size leak (CVE-2019-13697)
- chromium-browser: Extensions can read some local files (CVE-2019-5879)
- chromium-browser: SameSite cookie bypass (CVE-2019-5880)
- chromium-browser: Arbitrary read in SwiftShader (CVE-2019-5881)
- chromium-browser: URL spoof (CVE-2019-13659)
- chromium-browser: Full screen notification overlap (CVE-2019-13660)
- chromium-browser: Full screen notification spoof (CVE-2019-13661)
- chromium-browser: CSP bypass (CVE-2019-13662)
- chromium-browser: IDN spoof (CVE-2019-13663)
- chromium-browser: CSRF bypass (CVE-2019-13664)
- chromium-browser: Multiple file download protection bypass (CVE-2019-13665)
- chromium-browser: Side channel using storage size estimate (CVE-2019-13666)
- chromium-browser: URI bar spoof when using external app URIs (CVE-2019-13667)
- chromium-browser: Global window leak via console (CVE-2019-13668)
- chromium-browser: HTTP authentication spoof (CVE-2019-13669)
- chromium-browser: V8 memory corruption in regex (CVE-2019-13670)
- chromium-browser: Dialog box fails to show origin (CVE-2019-13671)
- chromium-browser: Cross-origin information leak using devtools (CVE-2019-13673)
- chromium-browser: IDN spoofing (CVE-2019-13674)
- chromium-browser: Extensions can be disabled by trailing slash (CVE-2019-13675)
- chromium-browser: Google URI shown for certificate warning (CVE-2019-13676)
- chromium-browser: Chrome web store origin needs to be isolated (CVE-2019-13677)
- chromium-browser: Download dialog spoofing (CVE-2019-13678)
- chromium-browser: User gesture needed for printing (CVE-2019-13679)
- chromium-browser: IP address spoofing to servers (CVE-2019-13680)
- chromium-browser: Bypass on download restrictions (CVE-2019-13681)
- chromium-browser: Site isolation bypass (CVE-2019-13682)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
Affected Products
- Red Hat Enterprise Linux Server 6 x86_64
- Red Hat Enterprise Linux Server 6 i386
- Red Hat Enterprise Linux Workstation 6 x86_64
- Red Hat Enterprise Linux Workstation 6 i386
- Red Hat Enterprise Linux Desktop 6 x86_64
- Red Hat Enterprise Linux Desktop 6 i386
- Red Hat Enterprise Linux for Scientific Computing 6 x86_64
Fixes
- BZ - 1762366 - CVE-2019-5870 chromium-browser: Use-after-free in media
- BZ - 1762367 - CVE-2019-5871 chromium-browser: Heap overflow in Skia
- BZ - 1762368 - CVE-2019-5872 chromium-browser: Use-after-free in Mojo
- BZ - 1762370 - CVE-2019-5874 chromium-browser: External URIs may trigger other browsers
- BZ - 1762371 - CVE-2019-5875 chromium-browser: URL bar spoof via download redirect
- BZ - 1762372 - CVE-2019-13691 chromium-browser: Omnibox spoof
- BZ - 1762373 - CVE-2019-13692 chromium-browser: SOP bypass
- BZ - 1762374 - CVE-2019-5876 chromium-browser: Use-after-free in media
- BZ - 1762375 - CVE-2019-5877 chromium-browser: Out-of-bounds access in V8
- BZ - 1762376 - CVE-2019-5878 chromium-browser: Use-after-free in V8
- BZ - 1762377 - CVE-2019-5879 chromium-browser: Extensions can read some local files
- BZ - 1762378 - CVE-2019-5880 chromium-browser: SameSite cookie bypass
- BZ - 1762379 - CVE-2019-5881 chromium-browser: Arbitrary read in SwiftShader
- BZ - 1762380 - CVE-2019-13659 chromium-browser: URL spoof
- BZ - 1762381 - CVE-2019-13660 chromium-browser: Full screen notification overlap
- BZ - 1762382 - CVE-2019-13661 chromium-browser: Full screen notification spoof
- BZ - 1762383 - CVE-2019-13662 chromium-browser: CSP bypass
- BZ - 1762384 - CVE-2019-13663 chromium-browser: IDN spoof
- BZ - 1762385 - CVE-2019-13664 chromium-browser: CSRF bypass
- BZ - 1762386 - CVE-2019-13665 chromium-browser: Multiple file download protection bypass
- BZ - 1762387 - CVE-2019-13666 chromium-browser: Side channel using storage size estimate
- BZ - 1762388 - CVE-2019-13667 chromium-browser: URI bar spoof when using external app URIs
- BZ - 1762389 - CVE-2019-13668 chromium-browser: Global window leak via console
- BZ - 1762390 - CVE-2019-13669 chromium-browser: HTTP authentication spoof
- BZ - 1762391 - CVE-2019-13670 chromium-browser: V8 memory corruption in regex
- BZ - 1762392 - CVE-2019-13671 chromium-browser: Dialog box fails to show origin
- BZ - 1762393 - CVE-2019-13673 chromium-browser: Cross-origin information leak using devtools
- BZ - 1762394 - CVE-2019-13674 chromium-browser: IDN spoofing
- BZ - 1762395 - CVE-2019-13675 chromium-browser: Extensions can be disabled by trailing slash
- BZ - 1762396 - CVE-2019-13676 chromium-browser: Google URI shown for certificate warning
- BZ - 1762397 - CVE-2019-13677 chromium-browser: Chrome web store origin needs to be isolated
- BZ - 1762398 - CVE-2019-13678 chromium-browser: Download dialog spoofing
- BZ - 1762399 - CVE-2019-13679 chromium-browser: User gesture needed for printing
- BZ - 1762400 - CVE-2019-13680 chromium-browser: IP address spoofing to servers
- BZ - 1762401 - CVE-2019-13681 chromium-browser: Bypass on download restrictions
- BZ - 1762402 - CVE-2019-13682 chromium-browser: Site isolation bypass
- BZ - 1762474 - CVE-2019-13688 chromium-browser: Use-after-free in media
- BZ - 1762476 - CVE-2019-13686 chromium-browser: Use-after-free in offline pages
- BZ - 1762518 - CVE-2019-13693 chromium-browser: Use-after-free in IndexedDB
- BZ - 1762519 - CVE-2019-13694 chromium-browser: Use-after-free in WebRTC
- BZ - 1762520 - CVE-2019-13695 chromium-browser: Use-after-free in audio
- BZ - 1762521 - CVE-2019-13696 chromium-browser: Use-after-free in V8
- BZ - 1762522 - CVE-2019-13697 chromium-browser: Cross-origin size leak
CVEs
- CVE-2019-5870
- CVE-2019-5871
- CVE-2019-5872
- CVE-2019-5874
- CVE-2019-5875
- CVE-2019-5876
- CVE-2019-5877
- CVE-2019-5878
- CVE-2019-5879
- CVE-2019-5880
- CVE-2019-5881
- CVE-2019-13659
- CVE-2019-13660
- CVE-2019-13661
- CVE-2019-13662
- CVE-2019-13663
- CVE-2019-13664
- CVE-2019-13665
- CVE-2019-13666
- CVE-2019-13667
- CVE-2019-13668
- CVE-2019-13669
- CVE-2019-13670
- CVE-2019-13671
- CVE-2019-13673
- CVE-2019-13674
- CVE-2019-13675
- CVE-2019-13676
- CVE-2019-13677
- CVE-2019-13678
- CVE-2019-13679
- CVE-2019-13680
- CVE-2019-13681
- CVE-2019-13682
- CVE-2019-13683
- CVE-2019-13685
- CVE-2019-13686
- CVE-2019-13687
- CVE-2019-13688
- CVE-2019-13691
- CVE-2019-13692
- CVE-2019-13693
- CVE-2019-13694
- CVE-2019-13695
- CVE-2019-13696
- CVE-2019-13697
Red Hat Enterprise Linux Server 6
SRPM | |
---|---|
x86_64 | |
chromium-browser-77.0.3865.120-2.el6_10.x86_64.rpm | SHA-256: d43f53fe23e5da2470d722af66da233f21d2caa8c3ac4c69ff481e5961779820 |
chromium-browser-debuginfo-77.0.3865.120-2.el6_10.x86_64.rpm | SHA-256: ccccd8accf9e895dadbfb0bb7f26a55ad2dec2f7a86fbc54e2740614fd6d6295 |
i386 | |
chromium-browser-77.0.3865.120-2.el6_10.i686.rpm | SHA-256: f1058574afe1bf3ff6dd70410bd955bd9a1d1ef6f150274069c0c0c00fce2708 |
chromium-browser-debuginfo-77.0.3865.120-2.el6_10.i686.rpm | SHA-256: ec47244afdaf314ada226da0096ffca2dc598a1ca7dfde27e65fc108abb2e5a7 |
Red Hat Enterprise Linux Workstation 6
SRPM | |
---|---|
x86_64 | |
chromium-browser-77.0.3865.120-2.el6_10.x86_64.rpm | SHA-256: d43f53fe23e5da2470d722af66da233f21d2caa8c3ac4c69ff481e5961779820 |
chromium-browser-debuginfo-77.0.3865.120-2.el6_10.x86_64.rpm | SHA-256: ccccd8accf9e895dadbfb0bb7f26a55ad2dec2f7a86fbc54e2740614fd6d6295 |
i386 | |
chromium-browser-77.0.3865.120-2.el6_10.i686.rpm | SHA-256: f1058574afe1bf3ff6dd70410bd955bd9a1d1ef6f150274069c0c0c00fce2708 |
chromium-browser-debuginfo-77.0.3865.120-2.el6_10.i686.rpm | SHA-256: ec47244afdaf314ada226da0096ffca2dc598a1ca7dfde27e65fc108abb2e5a7 |
Red Hat Enterprise Linux Desktop 6
SRPM | |
---|---|
x86_64 | |
chromium-browser-77.0.3865.120-2.el6_10.x86_64.rpm | SHA-256: d43f53fe23e5da2470d722af66da233f21d2caa8c3ac4c69ff481e5961779820 |
chromium-browser-debuginfo-77.0.3865.120-2.el6_10.x86_64.rpm | SHA-256: ccccd8accf9e895dadbfb0bb7f26a55ad2dec2f7a86fbc54e2740614fd6d6295 |
i386 | |
chromium-browser-77.0.3865.120-2.el6_10.i686.rpm | SHA-256: f1058574afe1bf3ff6dd70410bd955bd9a1d1ef6f150274069c0c0c00fce2708 |
chromium-browser-debuginfo-77.0.3865.120-2.el6_10.i686.rpm | SHA-256: ec47244afdaf314ada226da0096ffca2dc598a1ca7dfde27e65fc108abb2e5a7 |
Red Hat Enterprise Linux for Scientific Computing 6
SRPM | |
---|---|
x86_64 | |
chromium-browser-77.0.3865.120-2.el6_10.x86_64.rpm | SHA-256: d43f53fe23e5da2470d722af66da233f21d2caa8c3ac4c69ff481e5961779820 |
chromium-browser-debuginfo-77.0.3865.120-2.el6_10.x86_64.rpm | SHA-256: ccccd8accf9e895dadbfb0bb7f26a55ad2dec2f7a86fbc54e2740614fd6d6295 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.